| Time |
S |
Nick |
Message |
| 00:02 |
|
dcook |
Good ol' Javascript caching... |
| 00:02 |
|
dcook |
Could not figure out why the patch wasn't working... |
| 00:02 |
|
dcook |
Shift + F5 ftw |
| 00:43 |
|
|
NateC joined #koha |
| 01:17 |
|
rangi |
https://soundcloud.com/dee-b/d[…]n-slice-of-heaven |
| 01:21 |
|
wizzyrea |
<commence internal dancing> |
| 01:28 |
|
wizzyrea |
https://soundcloud.com/six60/s[…]e-love-rudimental < this is the next one that it gave me |
| 01:28 |
|
wizzyrea |
which I quite like. |
| 01:33 |
|
|
irma joined #koha |
| 01:37 |
|
|
kathryn joined #koha |
| 01:56 |
|
|
ngourlay joined #koha |
| 02:02 |
|
|
wajasu joined #koha |
| 02:05 |
|
wizzyrea |
the related/recommendeds from that song are quite good. |
| 02:06 |
|
wizzyrea |
https://soundcloud.com/fly-my-pretties/get-out |
| 02:23 |
|
dcook |
Interwebs question for whoever... |
| 02:23 |
|
dcook |
So you register a domain name with a registrar |
| 02:23 |
|
dcook |
Do you then set up cnames and anames with the register to point to your external IP address? |
| 02:24 |
|
dcook |
The cname and aname records would be for a DNS server... |
| 02:24 |
|
* dcook |
really needs to just register a domain one of these days |
| 02:24 |
|
eythian |
you point the registrar to a name server of your choosing |
| 02:25 |
|
eythian |
and that name server turns names into addresses, whether A or CNAME |
| 02:25 |
|
dcook |
Mmm, that makes sense |
| 02:25 |
|
dcook |
And that's how people run their own name servers, yeah? |
| 02:25 |
|
eythian |
yep |
| 02:25 |
|
dcook |
Ahhhhhh |
| 02:25 |
|
eythian |
though I probably wouldn't run my own server |
| 02:26 |
|
dcook |
I wouldn't by choice, but I think this person might be... will have to ask |
| 02:26 |
|
dcook |
And companies like GoDaddy run name servers as well? |
| 02:26 |
|
dcook |
As sort of a one stop shop? |
| 02:26 |
|
eythian |
yep |
| 02:27 |
|
eythian |
(although godaddy in general seems to be a terrible company, I wouldn't recommend them.) |
| 02:27 |
|
eythian |
also, they have the UI of ... well, something with a horrifically bad UI |
| 02:27 |
|
dcook |
Yeah, I hear truly awful things about them |
| 02:27 |
|
eythian |
last I used them, some years ago. |
| 02:27 |
|
dcook |
I think I heard something good about crazydomains recently, but I have no idea really :/ |
| 02:27 |
|
dcook |
Other than to avoid godaddy :p |
| 02:27 |
|
rangi |
yeah it took literally days to get my domains off |
| 02:28 |
|
dcook |
:( |
| 02:29 |
|
eythian |
I've been meaning to move my stuff to iwantmyname.com, mostly because a) my current one has moved their DNS to freeparking.co.nz which is probably a step for the worse, and b) I know the people who work for/own iwmn. |
| 02:30 |
|
dcook |
Always handy knowing people |
| 02:32 |
|
ibeardslee |
my personal stuff (and things for a couple of others) is with iwmn |
| 02:36 |
|
dcook |
Hmm, so an A record points to an ip address... |
| 02:36 |
|
dcook |
But what about subdomains? |
| 02:36 |
|
eythian |
ipv4. AAAA points to ipv6 |
| 02:36 |
|
eythian |
and AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA points to Lovecraft |
| 02:36 |
|
dcook |
Couldn't you use subdomains to point a few different subdomains to different IP addresses? |
| 02:36 |
|
eythian |
yes |
| 02:37 |
|
dcook |
Hmm, I think I'm reading some crappy docs online |
| 02:38 |
|
* dcook |
really should read some Lovecraft one of these days.. |
| 02:39 |
|
eythian |
It'll help with most software stuff |
| 02:39 |
|
eythian |
http://thedoomthatcametopuppet.tumblr.com/ <-- look how much more accurate the puppet docs are, for example |
| 02:41 |
|
mtj |
hey #koha, is anyone using https OPAC. out there? |
| 02:42 |
|
mtj |
..i think i might have hit a bug with the opac shelf-browser, and https |
| 02:42 |
|
eythian |
mtj: we have some I think |
| 02:42 |
|
mtj |
just curious to confirm with someone else... |
| 02:43 |
|
eythian |
https://ashs.mykoha.co.nz/ <-- here's a public one |
| 02:43 |
|
* eythian |
wishes they'd get some design work, black and grey is so dour |
| 02:43 |
|
mtj |
thanx again eythian :0) |
| 02:44 |
|
mtj |
hmm, no bug on https://ashs |
| 02:45 |
|
mtj |
ok, thats good :) |
| 02:46 |
|
wizzyrea |
what's the bug? |
| 02:46 |
|
wahanui |
rumour has it the bug is it stores biblionumber not itemnumber |
| 02:47 |
|
wizzyrea |
also, mtj, are you in prog or bootstrap? |
| 02:47 |
|
wizzyrea |
eythian: you remember when ashs was pea green eh |
| 02:48 |
|
eythian |
yeah |
| 02:48 |
|
wizzyrea |
I daresay it's a bit of an improvement >.> |
| 02:48 |
|
eythian |
http://www.ashs.school.nz/ <-- that's not bad though |
| 02:48 |
|
wizzyrea |
nope, that's pretty. |
| 02:48 |
|
wizzyrea |
our designers could make a gorgeous koha with that. |
| 02:49 |
|
wizzyrea |
now I am extra sad. |
| 02:50 |
|
mtj |
ah yes, good point wizzyrea - the bug is on a prog opac |
| 02:51 |
|
mtj |
i'll test on a BS opac too |
| 02:51 |
|
wizzyrea |
you just did :) |
| 02:52 |
|
mtj |
ha s/bs/prog/ |
| 02:52 |
|
wizzyrea |
https://library.plantandfood.co.nz/ might work, dunno if they have the shelf browser on |
| 02:53 |
|
eythian |
http://imgur.com/gallery/C0hQbLL <-- AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
| 02:53 |
|
wizzyrea |
omg. |
| 03:05 |
|
dcook |
Who wha? |
| 03:05 |
|
dcook |
Got distracted |
| 03:07 |
|
* dcook |
likes black and gray :p |
| 03:07 |
|
dcook |
O_O |
| 03:11 |
|
dcook |
Dang, AWS sure has a lot of services... |
| 03:15 |
|
eythian |
stock dev install from master doesn't work with apache 2.4 |
| 03:15 |
|
eythian |
(it gets a 403 error due to permission changes) |
| 03:16 |
|
eythian |
http://keyshop.pimpmykeyboard.[…]s/beer-break-keys |
| 03:27 |
|
dcook |
I was wondering if you were having any more luck with the dev install, eythian |
| 03:27 |
|
dcook |
Haven't had a look lately myself |
| 03:27 |
|
dcook |
Mmm beer |
| 03:27 |
|
eythian |
Oh, I know how to figure out how to fix it, I just haven't yet |
| 03:46 |
|
eythian |
I still haven't got stupid zebra to work again though |
| 03:46 |
|
|
NateC joined #koha |
| 03:47 |
|
eythian |
oh, the stock dev install also asks if you want to download a .pl file because it doesn't know how to handle it |
| 03:48 |
|
wizzyrea |
@later tell tcohen the wee babe is fantastically beautiful, congratulations |
| 03:48 |
|
huginn |
wizzyrea: The operation succeeded. |
| 03:51 |
|
dcook |
eythian: download a .pl? :S |
| 03:52 |
|
eythian |
yeah, instead of executing it |
| 03:52 |
|
eythian |
I was sure I'd fixed this in the packages, but you think I can find the line that does it now... |
| 03:53 |
|
eythian |
AddHandler cgi-script .pl |
| 03:53 |
|
eythian |
that's what I need |
| 03:58 |
|
eythian |
hmm well that failed to work |
| 03:59 |
|
eythian |
ah, a2enmod cgid may also be necessary |
| 03:59 |
|
eythian |
it is |
| 03:59 |
|
eythian |
I'm going to have to do some proper testing on jessie to make sure that all works |
| 04:00 |
|
eythian |
this may accelerate my deprecation of squeeze |
| 04:02 |
|
eythian |
damnit, why is my pocket full of crumbs |
| 04:05 |
|
dcook |
O_o |
| 04:06 |
|
eythian |
some time in the recent past I'd put a cupcake wrapper in there, and then forgot to move it to a rubbish bin like the plan was. |
| 04:06 |
|
eythian |
it finally reached critical crumminess |
| 04:06 |
|
kathryn |
phew, we can all sleep tonight with that mystery solved |
| 04:06 |
|
kathryn |
oh hi dcook and all :) |
| 04:11 |
|
|
irma_ joined #koha |
| 04:14 |
|
dcook |
hey kathryn :) |
| 04:15 |
|
dcook |
hehe critical crumminess |
| 04:49 |
|
|
NateC joined #koha |
| 06:02 |
|
|
cait joined #koha |
| 06:50 |
|
* cait |
waves to #koha |
| 06:50 |
|
|
NateC joined #koha |
| 06:51 |
|
eythian |
hi cait |
| 06:51 |
|
cait |
hi eythian |
| 06:51 |
|
cait |
quite late for you? |
| 06:51 |
|
eythian |
yeah, got stuck into a thing that I'm doing, didn't want to stop while it's moving along. |
| 06:52 |
|
cait |
:) |
| 06:52 |
|
cait |
something interseting? |
| 06:53 |
|
eythian |
adding a user provisioning API, so that another system can automatically add/update users in Koha. |
| 06:53 |
|
|
laurence joined #koha |
| 07:10 |
|
|
akafred joined #koha |
| 07:15 |
|
cait |
eythian: ah |
| 07:15 |
|
cait |
eythian: i have heard several people talking about somehting like that lately |
| 07:15 |
|
akafred |
Greetings, kohalians :-) I see there is a thread on the mailing list mentioning MariaDB and mysql. Does the koha-community explicitly plan for Koha to support both in the event that they introduce (significant) incompatibilities? (see https://mariadb.com/kb/en/mari[…]ql-compatibility/ ) |
| 07:16 |
|
cait |
we are working towards using dbix - so i think the goal is to support more than just those 2 |
| 07:17 |
|
cait |
and one of the things jenkins does is running the tests on a server with mariadb |
| 07:18 |
|
|
papa joined #koha |
| 07:19 |
|
|
drojf joined #koha |
| 07:21 |
|
cait |
which doesn't answre your question I guess :) |
| 07:21 |
|
cait |
i think there is no official plan but if some of us are already using it, I think the chances would be that problems would get fixed |
| 07:21 |
|
cait |
morning drojf |
| 07:22 |
|
cait |
will be gone again most of today... project management course |
| 07:22 |
|
cait |
bye |
| 07:22 |
|
|
cait left #koha |
| 07:23 |
|
drojf |
hi cait. bye cait |
| 07:24 |
|
magnuse |
akafred: we can't force anyone to do anything, so i think database support depends on people wanting it enough to work on it |
| 07:24 |
|
* magnuse |
waves at #koha in general |
| 07:25 |
|
drojf |
hei magnuse |
| 07:31 |
|
rangi |
most likely we'd stick with the non oracle one, if it had to be a choice |
| 07:34 |
|
magnuse |
moin drojf |
| 07:35 |
|
magnuse |
yeah, that was at the back of my mind too, rangi |
| 07:35 |
|
magnuse |
maybe i'll find the time to switch to maria in 2015 |
| 07:35 |
|
|
Oak joined #koha |
| 07:35 |
|
magnuse |
hm, maybe ot could be an option in kohadevbox... |
| 07:36 |
|
magnuse |
Oak |
| 07:36 |
|
Oak |
magnuse |
| 07:36 |
|
* Oak |
waves |
| 07:36 |
|
magnuse |
\o/ |
| 07:36 |
|
Oak |
\o// |
| 07:36 |
|
Oak |
oh |
| 07:37 |
|
magnuse |
bug 13359 looks like a step in the right direction |
| 07:37 |
|
huginn |
Bug http://bugs.koha-community.org[…]_bug.cgi?id=13359 enhancement, P5 - low, ---, koha-bugs, Pushed to Stable , provide virtual-mysql-server Depends On to facilitate alternate mysql implementations |
| 07:38 |
|
magnuse |
bug 5366 might need some attention |
| 07:38 |
|
huginn |
Bug http://bugs.koha-community.org[…]w_bug.cgi?id=5366 major, P5 - low, ---, gmcharlt, Failed QA , Koha does not work right with MariaDB |
| 07:39 |
|
|
reiveune joined #koha |
| 07:39 |
|
reiveune |
hello |
| 07:40 |
|
rangi |
im not sure anything more is needed, we are running about 11 production sites on mariadb |
| 07:40 |
|
rangi |
a couple for more than a year now |
| 07:41 |
|
magnuse |
ah, cool |
| 07:41 |
|
magnuse |
i thought i knew you were running *something* on mariadb, but i didn't know it was that much |
| 07:42 |
|
magnuse |
rangi: is 5366 still relevant? |
| 07:44 |
|
|
marcelr joined #koha |
| 07:45 |
|
marcelr |
hi #koha |
| 07:45 |
|
Oak |
hi marcelr |
| 07:45 |
|
marcelr |
:) |
| 07:45 |
|
drojf |
i made a small patch for the dom/grs-thingy in about.pl (bug 13404) and i think we should have another one changing the piece that says to use dom you have to (only) set <zebra_*_index_mode> to dom. it would make sense to have that in 3.18 to prevent misconfiguration. what do you think? |
| 07:45 |
|
Oak |
:] |
| 07:45 |
|
huginn |
Bug http://bugs.koha-community.org[…]_bug.cgi?id=13404 enhancement, P5 - low, ---, mirko, Needs Signoff , More »System information« about GRS1 vs DOM settings |
| 07:46 |
|
drojf |
hi marcelr, Oak and rangi |
| 07:46 |
|
marcelr |
hi drojf |
| 07:46 |
|
Oak |
hi drojf |
| 07:51 |
|
akafred |
I ran gource on the koha git repo yesterday - pretty cool - what would be even awesomer(!) is a narrated screencast of the gource-video on the history of Koha: https://code.google.com/p/gource/ |
| 07:52 |
|
magnuse |
akafred: have you seen https://www.youtube.com/watch?v=Tl1a2VN_pec ? not quite what you are asking for, though |
| 07:54 |
|
akafred |
Haha, I would consider that pretty close! |
| 07:55 |
|
magnuse |
yay |
| 07:55 |
|
magnuse |
4 years old now, though, an update would have been awesome |
| 07:56 |
|
rangi |
its pretty easy to do |
| 07:56 |
|
|
NateC joined #koha |
| 07:57 |
|
rangi |
i work with the author of gource |
| 07:57 |
|
akafred |
Kewl :-) |
| 07:57 |
|
magnuse |
small world ;-) |
| 07:59 |
|
akafred |
I was sort of thinking a narration and dialogue between 2-3 of the people who have followed the project the closest. I am sure there are both architectural lessons and other historical tidbits that would be useful for many of us. |
| 08:00 |
|
rangi |
https://www.youtube.com/watch?v=JMhiFoEjXc4 |
| 08:00 |
|
drojf |
director's commentary :) |
| 08:01 |
|
|
alex_a joined #koha |
| 08:01 |
|
alex_a |
bonjour |
| 08:02 |
|
Oak |
Bonjour Monsieur alex_a |
| 08:03 |
|
|
saa joined #koha |
| 08:03 |
|
magnuse |
cool, rangi, i don't think i had seen that one before |
| 08:03 |
|
saa |
i am struggling to get answer of one query |
| 08:03 |
|
magnuse |
we could have an option to "export circ stats to gource" :-) |
| 08:04 |
|
saa |
one of the record when searched it throws error "Can't call method "as_string" on an undefined value at /usr/share/koha/lib/C4/Koha.pm line 1685." |
| 08:04 |
|
saa |
i tried to delete all items attached to this record and then edited and added items to it |
| 08:04 |
|
magnuse |
there must be 2 or 3 videos where rangi and paul_p present the history of koha at conferences |
| 08:04 |
|
|
gaetan_B joined #koha |
| 08:04 |
|
gaetan_B |
hello |
| 08:04 |
|
saa |
but the eror is still there |
| 08:04 |
|
saa |
can someone help |
| 08:06 |
|
drojf |
saa: if that is the same record you were talking about a few days ago, i would probably delete it and manually add it |
| 08:06 |
|
saa |
i did that |
| 08:06 |
|
saa |
several times |
| 08:06 |
|
saa |
right |
| 08:06 |
|
drojf |
oh. ok |
| 08:07 |
|
rangi |
and you have rebuilt the index? |
| 08:07 |
|
saa |
i dont knw what is the reason |
| 08:07 |
|
saa |
yes |
| 08:08 |
|
rangi |
no idea then |
| 08:08 |
|
saa |
but this error is refering to what as_string |
| 08:09 |
|
akafred |
rangi: Would be cool if one at any time could run a gource-command on koha and get a result like https://www.youtube.com/watch?v=Tl1a2VN_pec - it is basically the git repo + a file with historical events, right? |
| 08:09 |
|
rangi |
the file is in git |
| 08:09 |
|
rangi |
docs/history.txt |
| 08:20 |
|
|
sophie_m joined #koha |
| 08:26 |
|
akafred |
Cool, although the later events are a bit less interesting. |
| 08:27 |
|
akafred |
Is this something gource supports out of the box? |
| 08:27 |
|
akafred |
I mean - to put the history text into the gource video? |
| 08:31 |
|
|
nicolas joined #koha |
| 08:31 |
|
nicolas |
hiya #koha |
| 08:41 |
|
ashimema_ |
anyone happen to know if there's a current branch of bug 6427 lurking anywhere? |
| 08:41 |
|
huginn |
Bug http://bugs.koha-community.org[…]w_bug.cgi?id=6427 enhancement, P5 - low, ---, kyle.m.hall, Needs Signoff , Rewrite of the accounts system |
| 08:46 |
|
|
ashimema joined #koha |
| 08:50 |
|
Joubu |
hello #koha |
| 08:51 |
|
marcelr |
hi Joubu |
| 09:03 |
|
magnuse |
http://librecatproject.wordpre[…]on-into-catmandu/ |
| 09:06 |
|
ashimema |
Morning \koha |
| 09:08 |
|
magnuse |
kia ora ashimema |
| 09:08 |
|
saa |
hw can i delete biblio number |
| 09:09 |
|
saa |
when i try to delete it using batch record deletion it says "Bibliographic record 1119 was not deleted. An error occurred. (The error was: DBD::mysql::st execute failed: Duplicate entry '1119' for key 'PRIMARY' at /usr/share/koha/lib/C4/Biblio.pm line 3325. , see the Koha log file for more information). " |
| 09:16 |
|
Joubu |
saa: I would say that you have a biblionumber=1119 in your deletedbiblio table |
| 09:17 |
|
saa |
something is wrong with my database |
| 09:18 |
|
saa |
if i search in catalogue it shows this record |
| 09:18 |
|
saa |
when i go to batch record deletion and search for this record it throws abv error |
| 09:19 |
|
saa |
i dont knw what has gone wrong with the database but "an't call method "as_string" on an undefined value at /usr/share/koha/lib/C4/Koha.pm line 1685." |
| 09:19 |
|
saa |
this error comes even if i add delete same record |
| 09:19 |
|
saa |
reindex zebra |
| 09:20 |
|
saa |
is there any way i can remove completely all occurances of this record |
| 09:21 |
|
Joubu |
saa: select count(*) from deletedbiblio where biblionumber=1119 |
| 09:21 |
|
Joubu |
this returns 0 or 1? |
| 09:22 |
|
saa |
it says 1 |
| 09:23 |
|
Joubu |
saa: and select max(biblionumber) from deletedbiblio; ? |
| 09:23 |
|
saa |
1122 |
| 09:25 |
|
saa |
it was 1119 i added new record with same details and it threw as_string error for same title, author and i added one more new record but it didnot threw any error |
| 09:25 |
|
saa |
which means that 1119 is there somewhere |
| 09:26 |
|
Joubu |
saa: the batch record deletion tools cannot remove 1119 because it tries to backup the record into the deletedbiblio table. But the primary key (biblionumber) already exists |
| 09:26 |
|
Joubu |
you can try to remove the row in deletedbiblio where biblionumber=1119, but check before if you need it or not |
| 09:26 |
|
Joubu |
saa: is it a production server? |
| 09:26 |
|
saa |
i did this also |
| 09:26 |
|
saa |
but still no luck |
| 09:26 |
|
saa |
yes |
| 09:27 |
|
Joubu |
sorry then, I am not wake up enough to provide support for a production server :) |
| 09:27 |
|
Joubu |
but remove the records should permit you to remove it cleanly |
| 09:28 |
|
Joubu |
remove the records in deletedbiblio |
| 09:31 |
|
saa |
and how do i clean zebra data for that record |
| 09:34 |
|
Joubu |
the batch tools should do it for you |
| 09:58 |
|
|
NateC joined #koha |
| 10:39 |
|
|
paul_p joined #koha |
| 11:02 |
|
paxed |
arrrgh. link_bibs_to_authorities.pl resulted in "Out of memory!" after a while. |
| 11:06 |
|
paxed |
ahwell, at least i can continue it with --bib-limit |
| 11:07 |
|
|
ashimema joined #koha |
| 11:52 |
|
|
NateC joined #koha |
| 12:13 |
|
|
clrh joined #koha |
| 12:13 |
|
|
gmcharlt joined #koha |
| 12:13 |
|
|
jcamins joined #koha |
| 12:13 |
|
|
chris_n joined #koha |
| 12:13 |
|
|
matts_away joined #koha |
| 12:13 |
|
|
liw joined #koha |
| 12:13 |
|
|
slef joined #koha |
| 12:13 |
|
|
paxed joined #koha |
| 12:13 |
|
|
wahanui joined #koha |
| 12:13 |
|
|
jajm joined #koha |
| 12:13 |
|
|
kivilahtio joined #koha |
| 12:13 |
|
|
wizzyrea joined #koha |
| 12:13 |
|
|
Joubu joined #koha |
| 12:13 |
|
|
ibeardslee joined #koha |
| 12:13 |
|
|
khall joined #koha |
| 12:13 |
|
|
BobB joined #koha |
| 12:13 |
|
|
fredericd joined #koha |
| 12:13 |
|
|
jenkins_koha joined #koha |
| 12:13 |
|
|
mtj joined #koha |
| 12:13 |
|
|
magnuse joined #koha |
| 12:13 |
|
|
bshum joined #koha |
| 12:13 |
|
|
jeff joined #koha |
| 12:13 |
|
|
phasefx joined #koha |
| 12:13 |
|
|
aleisha joined #koha |
| 12:13 |
|
|
dcook joined #koha |
| 12:13 |
|
|
eythian joined #koha |
| 12:13 |
|
|
irma joined #koha |
| 12:13 |
|
|
ngourlay joined #koha |
| 12:13 |
|
|
irma_ joined #koha |
| 12:13 |
|
|
papa joined #koha |
| 12:13 |
|
|
marcelr joined #koha |
| 12:13 |
|
|
sophie_m joined #koha |
| 12:13 |
|
|
nlegrand joined #koha |
| 12:13 |
|
|
ashimema joined #koha |
| 12:14 |
|
|
wajasu joined #koha |
| 12:14 |
|
|
gaetan_B joined #koha |
| 12:21 |
|
|
dbs joined #koha |
| 12:54 |
|
|
NateC joined #koha |
| 12:55 |
|
|
meliss joined #koha |
| 13:10 |
|
|
NateC joined #koha |
| 13:26 |
|
|
edveal joined #koha |
| 13:35 |
|
|
collum joined #koha |
| 13:36 |
|
|
Dyrcona joined #koha |
| 13:52 |
|
|
drojf joined #koha |
| 14:02 |
|
|
carmenh joined #koha |
| 14:14 |
|
|
meliss joined #koha |
| 14:17 |
|
|
edveal joined #koha |
| 14:21 |
|
|
JoshB joined #koha |
| 14:23 |
|
|
maryj joined #koha |
| 14:23 |
|
|
maryj joined #koha |
| 14:24 |
|
|
drojf1 joined #koha |
| 14:26 |
|
|
cma joined #koha |
| 15:08 |
|
|
rocio joined #koha |
| 15:58 |
|
* chris_n |
bangs a pan |
| 16:02 |
|
|
tgoat joined #koha |
| 16:02 |
|
|
Oak joined #koha |
| 16:03 |
|
* Oak |
waves |
| 16:03 |
|
Oak |
@seen cait |
| 16:03 |
|
huginn |
Oak: cait was last seen in #koha 8 hours, 41 minutes, and 29 seconds ago: <cait> bye |
| 16:40 |
|
gaetan_B |
bye |
| 17:21 |
|
|
phasefx joined #koha |
| 17:25 |
|
|
cait joined #koha |
| 17:43 |
|
|
drojf joined #koha |
| 18:48 |
|
|
kmlussier joined #koha |
| 18:57 |
|
reiveune |
bye |
| 18:57 |
|
|
reiveune left #koha |
| 19:05 |
|
|
hankbank joined #koha |
| 19:39 |
|
* cait |
waves |
| 19:41 |
|
chris_n |
some sort of holiday? |
| 19:41 |
|
chris_n |
mighty quiet in here today |
| 19:46 |
|
rangi |
yeah it is quiet |
| 19:47 |
|
* cait |
nods |
| 19:47 |
|
cait |
i had training today, didn't read back |
| 19:50 |
|
|
jeff_ joined #koha |
| 19:54 |
|
|
trea joined #koha |
| 20:11 |
|
eythian |
hi |
| 20:11 |
|
wahanui |
hi, eythian |
| 20:19 |
|
|
drojf1 joined #koha |
| 20:28 |
|
cait |
hi eythian |
| 20:29 |
|
drojf |
hi cait and eythian |
| 20:29 |
|
cait |
hi drojf |
| 20:50 |
|
rangi |
@later tell dcook in your hunt for encrypted backups done right, you should look at obnam |
| 20:50 |
|
huginn |
rangi: The operation succeeded. |
| 21:26 |
|
|
kathryn joined #koha |
| 21:52 |
|
dcook |
rangi: I've been pondering obnam a bit. Haven't gotten there yet though. |
| 21:52 |
|
dcook |
Actually, I did install it to this VM I have right here... |
| 21:52 |
|
dcook |
I don't imagine it's solved the whole storing your passphrase in the clear though :/ |
| 21:52 |
|
dcook |
The only way around that I can see is using full disk encryption, which isn't necessarily that feasible on a system used by multiple people :/ |
| 21:56 |
|
|
akafred joined #koha |
| 21:57 |
|
rangi |
gpg-agent and a passphrase, dont store anything in the clear |
| 22:10 |
|
dcook |
rangi: I was thinking a bit about gpg-agent |
| 22:10 |
|
dcook |
But then it's not totally automated either |
| 22:11 |
|
dcook |
You'd still need to provide the agent with the key, enter the passphrase to unlock it, and then let things go on their merry way |
| 22:11 |
|
rangi |
id probably trade fully automated for not being owned |
| 22:11 |
|
dcook |
hehe |
| 22:11 |
|
dcook |
I admit that this is my conclusion as well :) |
| 22:11 |
|
dcook |
How do you use gpg-agent? |
| 22:12 |
|
dcook |
I've thought about using a Yubikey or maybe a card (although then I'd need a reader, so the Yubikey is just a better bet) |
| 22:12 |
|
eythian |
there's nothing particularly wrong with storing a passphrase on the device doing the backups. If they can get to the passphrase, they don't need the backups anyway. |
| 22:12 |
|
dcook |
eythian: not necessarily |
| 22:12 |
|
dcook |
On my system, my home directories are encrypted, so they could restart the device but my directories would still be encrypted even if they had root |
| 22:13 |
|
rangi |
i have it in my .bash_profile |
| 22:13 |
|
dcook |
(of course they could set something up to steal data from me later, but it would stop an immediate attack) |
| 22:13 |
|
|
NateC joined #koha |
| 22:13 |
|
rangi |
http://paste.koha-community.org/307 |
| 22:14 |
|
|
NateC joined #koha |
| 22:14 |
|
dcook |
rangi: So that's for a non-graphical environment? |
| 22:15 |
|
rangi |
is there any other kind? |
| 22:15 |
|
dcook |
:p |
| 22:15 |
|
cait |
heh |
| 22:15 |
|
dcook |
hey cait :) |
| 22:16 |
|
dcook |
rangi: So once the agent is running, does it ask for your passphrase once or for each request? |
| 22:16 |
|
dcook |
And if the former, is it when you connect? |
| 22:17 |
|
rangi |
it asks you the first time the key is used |
| 22:18 |
|
rangi |
then not again unless you reboot the machine, or kill the agent |
| 22:19 |
|
dcook |
Right. Cool beans. |
| 22:19 |
|
dcook |
Although now that I think about it... that would just be for your user |
| 22:19 |
|
dcook |
Would would you do if you wanted to do automated encrypted backups as root? |
| 22:19 |
|
dcook |
So that you can spin off your /etc and maybe /var from time to time? |
| 22:20 |
|
dcook |
I'm actually fairly content with some of the user-level options I've been pondering |
| 22:20 |
|
eythian |
hmm, usually(?) the agent forgets the passphrase after 5 or 10 minutes for me |
| 22:20 |
|
eythian |
I'm not sure if this is something I configured or not though |
| 22:21 |
|
dcook |
Hmm, sounds configurable. Don't see anything on the manpage. |
| 22:21 |
|
dcook |
eythian: Oh, I noticed that Debian automounted a ext4 volume using the label as well last night |
| 22:21 |
|
eythian |
ah cool |
| 22:21 |
|
dcook |
I'll probably suggest using the label to the Deja Dup maintainer then |
| 22:22 |
|
cait |
hi and good night :) |
| 22:22 |
|
dcook |
night cait :) |
| 22:22 |
|
dcook |
eythian: Any thoughts on auto encrypted backups as root? :/ |
| 22:22 |
|
|
cait left #koha |
| 22:22 |
|
eythian |
bye cait |
| 22:22 |
|
eythian |
dcook: there's a few options depending on what your use cases are. |
| 22:23 |
|
dcook |
eythian: I'd love to hear them :) |
| 22:23 |
|
eythian |
You could store a passphraseless gpg key on the machine that's only used for this, and is safely stored elsewhere. |
| 22:23 |
|
eythian |
You could have the passphrase in a file. |
| 22:23 |
|
eythian |
Things like that. |
| 22:24 |
|
eythian |
if your threat model is that someone is going to break into your machine and use what they find there to access your physically separate backups, I think you're already screwed and need to reevaluate your security overall. |
| 22:25 |
|
dcook |
Well, only the offsite backup is physically separate really |
| 22:25 |
|
dcook |
The onsite one is attached as it's still being backed up. |
| 22:25 |
|
dcook |
So a person could just sit there, get the passphrase and/or key, then take the backup or just access the backup on the spot |
| 22:26 |
|
dcook |
Mind you... I suppose that's not that different to having a locked box in your house |
| 22:26 |
|
dcook |
As someone could just break into it with a drill or a hammer |
| 22:26 |
|
dcook |
There will almost always be a tool that someone could use if they have that tool and the will to use it |
| 22:27 |
|
dcook |
eythian/rangi: So with obnam... does it store the public key for encrypting, and request the private key when doing diffs? |
| 22:28 |
|
dcook |
(the request being handled by gpg and gpg-agent of course) |
| 22:28 |
|
eythian |
well |
| 22:28 |
|
eythian |
it's not really that simple |
| 22:28 |
|
eythian |
(aiui) |
| 22:28 |
|
eythian |
you'd be best off asking liw |
| 22:28 |
|
dcook |
@seen liw |
| 22:28 |
|
huginn |
dcook: liw was last seen in #koha 5 days, 2 hours, 55 minutes, and 50 seconds ago: <liw> I don't know if this is a feeling librarians ever have: I've just moved back to Finland, and have today gotten my bookcase and books back. Sorting through my books is a weird mix of "oh no more books" and "oh look, I'd forgotten this gem, I really liked reading it" |
| 22:28 |
|
dcook |
I suppose I should just email him, as I doubt I'll catch him on here |
| 22:29 |
|
eythian |
but you need to look into a) what purpose your backups are to serve, and b) what bad things could happen to them that you want to guard against |
| 22:29 |
|
eythian |
and what level of security you're willing to trade for automated backups. |
| 22:31 |
|
dcook |
Yeah, those are the questions I've been asking myself the past few days |
| 22:32 |
|
dcook |
Actually, a friend of mine raised an interesting point about how we have this fear of losing our archives, but what would happen if we actually did? |
| 22:32 |
|
dcook |
In a lot of cases, it probably wouldn't matter at all |
| 22:33 |
|
dcook |
I knew a women once who lost every single possession she had when her house burnt down in her teens. |
| 22:33 |
|
dcook |
She said she didn't miss a thing, except maybe the occasional photograph |
| 22:33 |
|
dcook |
I think that's one of the first lessons for archivists too. Not everything is worth keeping. |
| 22:34 |
|
dcook |
I suppose the backups as root would just be preserving configuration which isn't sensitive at all... so it wouldn't be a big deal to store the passphrase in a file. |
| 22:34 |
|
dcook |
Whereas backing up personal data would be more sensitive... but there are already pretty good tools for doing that more safely |
| 22:35 |
|
dcook |
s/safely/securely/ |
| 22:35 |
|
dcook |
eythian++ |
| 22:35 |
|
dcook |
rangi++ |
| 22:35 |
|
dcook |
Always glad to have you two to talk to about these things :) |
| 22:35 |
|
eythian |
a) stuff in /etc can be sensitive, b) if you want automated encrypted backups, you _must_ have some encryption key of some type stored somewhere. |
| 22:35 |
|
eythian |
There's no other option |
| 22:35 |
|
ibeardslee |
dcook: although someone may not miss something, that doesn't necessarily mean that it has no value to others |
| 22:36 |
|
eythian |
(unless you could do some kind of streaming with PKI, but that's not very efficient.) |
| 22:36 |
|
dcook |
ibeardslee: True, I was thinking more so in the case of not backing something up rather than losing it to someone else. |
| 22:36 |
|
ibeardslee |
plenty of old pots have been discarded over the years, but they tell us a lot about that culture |
| 22:36 |
|
* dcook |
so wants to discard some of his old pots and pans... |
| 22:36 |
|
eythian |
I mean, you could tar.gz everything with a public key every time, that's quite safe, but more hassle. |
| 22:37 |
|
eythian |
but you also need to be sure that you have the stuff to do recovery when you need to. |
| 22:37 |
|
eythian |
otherwise you don't have bakups... |
| 22:37 |
|
dcook |
I was thinking about tar.gz everything with a public key, and keeping the key on a usb or something like that |
| 22:37 |
|
dcook |
eythian: yep |
| 22:37 |
|
dcook |
Actually, that's something someone suggested as well (while warning against obnam and duplicity) |
| 22:37 |
|
dcook |
If you use tar.gz and GPG, it's pretty darned cross platform |
| 22:38 |
|
eythian |
but, if you have a lot of data, that fast becomes impractical, as you can only do a full backup each time. |
| 22:38 |
|
dcook |
Agreed |
| 22:38 |
|
dcook |
That was my criticism as well. |
| 22:38 |
|
dcook |
Although in my case, I don't have much data, so it could work... for now. |
| 22:41 |
|
|
ngourlay joined #koha |
| 22:48 |
|
eythian |
chris_n: new .deb published for PDF::Reuse |
| 22:49 |
|
eythian |
wahanui: kids these days is <reply>They're so adolescent! |
| 22:49 |
|
wahanui |
OK, eythian. |
| 22:52 |
|
dcook |
Oh right... the boss just reminded me of another idea... |
| 22:52 |
|
dcook |
Where you embed a password in a compiled program |
| 22:53 |
|
dcook |
I was then thinking about how to reverse engineer a compiled C program.. |
| 22:53 |
|
dcook |
Well, not reverse engineer... but uncompile.. |
| 22:54 |
|
dcook |
decompile I suppose |
| 22:54 |
|
rangi |
yeah, it doenst win you much, for a crap ton of effort |
| 22:54 |
|
rangi |
there are pretty good decompilers out there |
| 22:55 |
|
rangi |
im sure we'll see one or 2 in action at kiwicon |
| 22:55 |
|
dcook |
How long until kiwicon now? |
| 22:56 |
|
rangi |
couple of days |
| 23:03 |
|
dcook |
Looks like it should be a good time :) |
| 23:09 |
|
|
kmlussier left #koha |
| 23:11 |
|
|
dani joined #koha |
| 23:12 |
|
dani |
hello |
| 23:13 |
|
dani |
jcamins do you have a second for a question about authorities? |
| 23:29 |
|
dcook |
liw is hilarious |
| 23:29 |
|
dcook |
"For example, if the clown gang kidnaps you, your spouse might need access to your backups to be able to contact your MI6 handler to ask them to rescue you." |
| 23:29 |
|
dcook |
Of course, my spouse doesn't know I'm a Canadian spy, so not quite relevant... |
| 23:31 |
|
|
papa joined #koha |
